top of page

SECURE Whisper - Privacy Policy

Effective Date: Feb. 25, 2025

Last Updated: Apr. 16, 2025

 

Welcome to Secure Whisper, a fully encrypted communication platform connecting mobile and VoIP Phones for iOS and Android devices designed to provide absolute data privacy and ownership. Secure Whisper is a subsystem of Secure Systems, where organizations maintain full control over their user data and communications by hosting all information on their own premises or private cloud. This Privacy Policy outlines how Secure Whisper handles your data, ensuring secure and confidential communication across your organization.

1. Data Ownership & Hosting

 

Secure Whisper operates on a self-hosted model, meaning that all customer data, including user accounts, call logs, and communication history, is stored and managed entirely by the organization that has purchased Secure Systems. We do not store or access any customer data, as the system operates entirely on the customer’s servers.

All user accounts are created and managed by the organization’s administrator.

Data is never stored on external or third-party servers—organizations retain full control over their information.

 

Secure Systems has no access to customer communications or account details.

 

2. Information Required for Optimal Performance and Functionality

 

Secure Whisper does not collect or store any data, ensuring your organization retains full control over its information. Customers manage their own data to activate and manage users within their own systems.

1. Contact Information (For User Authentication & Communication)

  • Name

  • Phone Number

 

These details are provided and used by your organization for user account management, authentication, and secure communication within your organization.

2. User Content (For Profile Customization Only)

  • Photos (if permission is granted within the application)

Secure Whisper allows users to set a profile picture for personalization. The app will only access photos if explicit permission is granted by the user within the application. No other media content is collected, stored, or shared.

 

3. Identifiers (For Secure Access & Device Recognition)

  • User ID (Assigned by the organization’s admin)

  • Device ID

 

These identifiers help ensure seamless authentication, prevent unauthorized access, and maintain account security.

 

4. Diagnostics (For Performance & Analytics)

  • Crash Logs (For App Functionality & Stability Improvements)

Diagnostics help identify and resolve technical issues, optimize app performance, and improve user experience. Organizations may choose to disable analytics tracking within their infrastructure settings.

Calls, and communication logs—all are encrypted and stored solely on the organization’s infrastructure.

 

3. End-to-End Encryption & Security

 

Secure Whisper is built with industry-leading end-to-end encryption, ensuring that only the sender and recipient can access communications.

     • AES 256-bit encryption & SHA-256 hashing secure all communications.

     • New encryption keys are generated per session, ensuring maximum security.

     • No centralized storage of calls and logs—all data remains within the customer’s infrastructure.

 

4. User Management & Access Control

 

Each organization has complete control over who can access Secure Whisper and how accounts are managed:

     • Admin-Controlled Accounts: User accounts are created and assigned by the organization’s administrator.

     • Role-Based Access: Organizations define user permissions based on operational requirements.

     • Custom Security Policies: Companies can enforce multi-factor authentication (MFA) and other security measures.

 

Users cannot sign up independently—only administrators of the purchasing organization can create and manage user accounts.

 

5. Data Retention & Deletion

 

Because Secure Whisper is self-hosted, data retention policies are determined by the organization that owns the system. Secure Systems does not store or retain any user data.

     • Call Data: Stored only on the organization’s private cloud or on-premises server, following internal policies.

     • User Data: Admins control how long user data is stored and when it is deleted.

     • Account Deletion: Admins can remove user accounts, ensuring permanent data deletion.

 

6. Third-Party Sharing & Compliance

 

Secure Whisper is designed for complete data sovereignty, meaning:

     • No third-party access: No user data is shared with external parties, advertisers, or analytics firms.

 

7. Security Measures

 

Secure Whisper employs multiple layers of security to protect user privacy:

     • Fully Encrypted Environment: All communication and stored data are encrypted.

     • Admin-Only Access Controls: Only authorized personnel within the organization manage user data.

     • Regular Security Updates: Organizations receive software updates with the latest security enhancements.

     • No Backdoors: Secure Systems does not implement or allow any form of government or third-party access.

 

8. Changes to This Policy

 

Secure Systems may update this Privacy Policy from time to time. However, as Secure Whisper is a self-hosted solution, any changes will primarily affect system functionalities, not the data hosted by individual organizations. Organizations remain responsible for implementing their internal privacy policies.

 

9. Contact Information

 

If you have any questions regarding this Privacy Policy, please contact your organization’s administrator. For general inquiries about Secure Whisper and Secure Systems, reach out to:

 

Email: Compliance@securelabs.solutions

By using Secure Whisper, you acknowledge that your data is owned and managed by the organization that provided your account, and that Secure Systems does not store, access, or control your personal information.

bottom of page